38 matches found
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: tipc: Improve size validations for received domain records The function tipcmonrcv allows a node to receive and process domainrecord structures from peer nodes to track their views of the network topology. This patch verifies tha...
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Overview froxlor/froxlor is a server administration software. Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via the DnsEntry.php process. An attacker can inject arbitrary DNS records into zone...
USN-8282-1 unbound vulnerabilities
Andrew Griffiths discovered that Unbound did not properly handle certain DNSCrypt packets. A remote attacker could possibly use this issue to cause Unbound to crash, resulting in a denial of service. CVE-2026-32792 Qifan Zhang discovered that Unbound incorrectly handled DNSSEC validation in certa...
PT-2026-34634
Froxlor is open source server administration software. Prior to version 2.3.6, DomainZones::add accepts arbitrary DNS record types without a whitelist and does not sanitize newline characters in the content field. When a DNS type not covered by the if/elseif validation chain is submitted e.g.,...
CRLF Injection
Overview froxlor/froxlor is a server administration software. Affected versions of this package are vulnerable to CRLF Injection via the DomainZones::add process. An attacker can inject arbitrary DNS records and BIND directives into zone files by submitting crafted DNS record types and content...
TLS Certificate and Domain Feature Analysis of Phishing Domains in the Danish .Dk Namespace
Phishing attacks remain a persistent cybersecurity threat, and the widespread adoption of TLS certificates has unintentionally enabled malicious websites to appear trustworthy to users. This study examines whether certificate metadata and domain characteristics can help distinguish phishing domai...
CVE-2026-26952
Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. Versions 6.4 and below are vulnerable to stored HTML injection through the local DNS records configuration page, which allows an authenticated administrator to inject cod...
Pi-hole 安全漏洞
Pi-hole is a web-level ad blocking application developed by Pi-hole Inc. Versions of Pi-hole 6.4 and earlier contained a security vulnerability, which was caused by a storage-type HTML injection vulnerability in the local DNS record configuration page. This vulnerability could allow arbitrary HTM...
UBUNTU-CVE-2025-59029
An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then send a query with qtype set to ANY...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988682)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988682 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipcmonrcv allows a node ...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986904)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986904 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipcmonrcv allows a node ...
Linux Distros Unpatched Vulnerability : CVE-2023-7008
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature...
CVE-2025-8866
Summary: CVE-2025-8866 affects the YugabyteDB Anywhere web server, where the /metamaster/universe API endpoint does not properly enforce authentication. What’s affected: YugabyteDB Anywhere web server (specific versions not enumerated in provided documents). Root cause (as described): Authenticat...
SUSE CVE-2025-0650
A flaw was found in the Open Virtual Network OVN. Specially crafted UDP packets may bypass egress access control lists ACLs in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...
SUSE CVE-2022-48711
In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipcmonrcv allows a node to receive and process domainrecord structs from peer nodes to track their views of the network topology. This patch verifies that t...
CVE-2022-48711
In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipcmonrcv allows a node to receive and process domainrecord structs from peer nodes to track their views of the network topology. This patch verifies that t...
DEBIAN-CVE-2022-48711
In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipcmonrcv allows a node to receive and process domainrecord structs from peer nodes to track their views of the network topology. This patch verifies that t...
UBUNTU-CVE-2022-48711
In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipcmonrcv allows a node to receive and process domainrecord structs from peer nodes to track their views of the network topology. This patch verifies that t...
CVE-2022-48711 tipc: improve size validations for received domain records
In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipcmonrcv allows a node to receive and process domainrecord structs from peer nodes to track their views of the network topology. This patch verifies that t...
CVE-2022-48711 tipc: improve size validations for received domain records
In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipcmonrcv allows a node to receive and process domainrecord structs from peer nodes to track their views of the network topology. This patch verifies that t...